epan/dissectors/packet-udp.h

   1 /* packet-udp.h
   2  *
   3  * $Id$
   4  *
   5  * Wireshark - Network traffic analyzer
   6  * By Gerald Combs <gerald@wireshark.org>
   7  * Copyright 1998 Gerald Combs
   8  *
   9  *
  10  * This program is free software; you can redistribute it and/or
  11  * modify it under the terms of the GNU General Public License
  12  * as published by the Free Software Foundation; either version 2
  13  * of the License, or (at your option) any later version.
  14  *
  15  * This program is distributed in the hope that it will be useful,
  16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18  * GNU General Public License for more details.
  19  *
  20  * You should have received a copy of the GNU General Public License
  21  * along with this program; if not, write to the Free Software
  22  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  23  */
  24
  25 #ifndef __PACKET_UDP_H__
  26 #define __PACKET_UDP_H__
  27
  28 /* UDP structs and definitions */
  29 typedef struct _e_udphdr {
  30   guint16 uh_sport;
  31   guint16 uh_dport;
  32   guint16 uh_ulen;
  33   guint16 uh_sum_cov;
  34   guint16 uh_sum;
  35   address ip_src;
  36   address ip_dst;
  37 } e_udphdr;
  38
  39 /* Conversation and process structures originally copied from packet-tcp.c */
  40 typedef struct _udp_flow_t {
  41         /* Process info, currently discovered via IPFIX */
  42         guint32 process_uid;    /* UID of local process */
  43         guint32 process_pid;    /* PID of local process */
  44         gchar *username;        /* Username of the local process */
  45         gchar *command;         /* Local process name + path + args */
  46 } udp_flow_t;
  47
  48 struct udp_analysis {
  49         /* These two structs are managed based on comparing the source
  50          * and destination addresses and, if they're equal, comparing
  51          * the source and destination ports.
  52          *
  53          * If the source is greater than the destination, then stuff
  54          * sent from src is in ual1.
  55          *
  56          * If the source is less than the destination, then stuff
  57          * sent from src is in ual2.
  58          *
  59          * XXX - if the addresses and ports are equal, we don't guarantee
  60          * the behavior.
  61          */
  62         udp_flow_t      flow1;
  63         udp_flow_t      flow2;
  64
  65         /* These pointers are set by get_tcp_conversation_data()
  66          * fwd point in the same direction as the current packet
  67          * and rev in the reverse direction
  68          */
  69         udp_flow_t      *fwd;
  70         udp_flow_t      *rev;
  71 };
  72
  73 /** Associate process information with a given flow
  74  *
  75  * @param frame_num The frame number
  76  * @param local_addr The local IPv4 or IPv6 address of the process
  77  * @param remote_addr The remote IPv4 or IPv6 address of the process
  78  * @param local_port The local TCP port of the process
  79  * @param remote_port The remote TCP port of the process
  80  * @param uid The numeric user ID of the process
  81  * @param pid The numeric PID of the process
  82  * @param username Ephemeral string containing the full or partial process name
  83  * @param command Ephemeral string containing the full or partial process name
  84  */
  85 extern void add_udp_process_info(guint32 frame_num, address *local_addr, address *remote_addr, guint16 local_port, guint16 remote_port, guint32 uid, guint32 pid, gchar *username, gchar *command);
  86
  87
  88 extern void decode_udp_ports(tvbuff_t *, int, packet_info *,
  89         proto_tree *, int, int, int);
  90
  91 #endif